Commit graph

2094 commits

Author SHA1 Message Date
Emilia Kasper
efc943be56 MemorySanitizer: address false positive
Explicitly unpoison the result of FD_ZERO

Tests now pass, using -fsanitize=memory

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-22 18:30:11 +01:00
Kurt Roeckx
0335851754 argv was set but unused
Also gives an error message when you gave it a parameter it didn't expect.

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2009
2016-02-20 14:53:53 +01:00
Richard Levitte
3a55c92bba Rethink the uplink / applink story
Adding uplink and applink to some builds was done by "magic", the
configuration for "mingw" only had a macro definition, the Configure
would react to its presence by adding the uplink source files to
cpuid_asm_src, and crypto/build.info inherited dance to get it
compiled, and Makefile.shared made sure applink.o would be
appropriately linked in.  That was a lot under the hood.

To replace this, we create a few template configurations in
Configurations/00-base-templates.conf, inherit one of them in the
"mingw" configuration, the rest is just about refering to the
$target{apps_aux_src} / $target{apps_obj} in the right places.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-19 11:06:54 +01:00
Richard Levitte
ce192ebed0 Remove all special make depend flags, as well as OPENSSL_DOING_MAKEDEPEND
All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it be consistent, no matter what
the local configuration was.  Now that the dependencies are gone from
the versioned Makefile.ins, it makes much more sense to use the exact
same flags as when compiling the object files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-18 23:43:09 +01:00
Rich Salz
d63a5e5e7d Remove outdated DEBUG flags.
Add -DBIO_DEBUG to --strict-warnings.
Remove comments about outdated debugging ifdef guards.
Remove md_rand ifdef guarding an assert; it doesn't seem used.
Remove the conf guards in conf_api since we use OPENSSL_assert, not assert.
For pkcs12 stuff put OPENSSL_ in front of the macro name.
Merge TLS_DEBUG into SSL_DEBUG.
Various things just turned on/off asserts, mainly for checking non-NULL
arguments, which is now removed: camellia, bn_ctx, crypto/modes.
Remove some old debug code, that basically just printed things to stderr:
  DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG,
  RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG.
Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-18 17:14:50 -05:00
Roumen Petrov
1bd8bc558d remove redundant opt* declarations
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-02-18 15:39:57 -05:00
Rich Salz
9a13bb387d GH681: More command help cleanup
enc:
 - typo in -base64 option
 - missing help opt text
ocsp, req, rsautl, s_client:
 - missing help opt text

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-02-18 12:24:44 -05:00
Rich Salz
dba3177745 Remove JPAKE
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-02-17 09:46:10 -05:00
Richard Levitte
18295f0c2d Make sure to use unsigned char for is*() functions
On some platforms, the implementation is such that a signed char
triggers a warning when used with is*() functions.  On others, the
behavior is outright buggy when presented with a char that happens
to get promoted to a negative integer.

The safest thing is to cast the char that's used to an unsigned char.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-14 19:31:55 +01:00
Benjamin Kaduk
21c6c50fc8 GH650: Minor tidying around the ocsp app
The ocsp utility is something of a jack-of-all-trades; most anything
related to the OCSP can be done with it.  In particular, the manual
page calls out that it can be used as either a client or a server
of the protocol, but there are also a few things that it can do
which do not quite fit into either role, such as encoding an OCSP
request but not sending it, printing out a text form of an OCSP
response (or request) from a file akin to the asn1parse utility,
or performing a lookup into the server-side revocation database
without actually sending a request or response.  All three of these
are documented as examples in the manual page, but the documentation
prior to this commit is somewhat misleading, in that when printing
the text form of an OCSP response, the code also attempts to
verify the response, displaying an error message and returning
failure if the response does not verify.  (It is possible that
the response would be able to verify with the given example, since
the default trust roots are used for that verification, but OCSP
responses frequently have alternate certification authorities
that would require passing -CAfile or -CApath for verification.)

Tidy up the documentation by passing -noverify for the case of
converting from binary to textual representation, and also
change a few instances of -respin to -reqin as appropriate, note
that the -url option provides the same functionality as the -host
and -path options, clarify that the example that saves an OCSP
response to a file will also perform verification on that response,
and fix a couple grammar nits in the manual page.

Also remove an always-true conditional for rdb != NULL -- there
are no codepaths in which it could be initialized at the time of
this check.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-13 09:12:07 -05:00
Andy Polyakov
6d9843e7f5 apps/speed.c: initialize c[D_GHASH][i].
RT#4230

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-13 11:43:02 +01:00
Viktor Dukhovni
ce3d25d3e5 Fix some issues near recent chomp changes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-13 02:54:48 -05:00
Richard Levitte
3c65577f1a Rename INSTALL_PREFIX to DESTDIR, remove option --install_prefix
INSTALL_PREFIX is a confusing name, as there's also --prefix.
Instead, tag along with the rest of the open source world and adopt
the Makefile variable DESTDIR to designate the desired staging
directory.

The Configure option --install_prefix is removed, the only way to
designate a staging directory is with the Makefile variable (this is
also implemented for VMS' descrip.mms et al).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-12 21:54:07 +01:00
Emilia Kasper
a762655743 RT 3854: Update apps/req
Change the default keysize to 2048 bits, and the minimum to 512 bits.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-12 14:09:26 +01:00
Richard Levitte
04b76df3f7 make generate
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-12 04:42:22 +01:00
Richard Levitte
fb3e2a88ee Generate progs.h from a bunch of files instead of internal knowledge
apps/progs.pl counted on the caller to provide the exact command
files.  The unified build doesn't have that knowledge, and the easier
and more flexible thing to do is to feed it all the apps/*.c files and
let it figure out the command names by looking inside (looking for
/int ([a-z0-9][a-z0-9_]*)_main\(int argc,/).

Also, add it to the generate command, since it's a versioned file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-12 04:42:22 +01:00
Richard Levitte
9ba96fbb25 Perl's chop / chomp considered bad, use a regexp instead
Once upon a time, there was chop, which somply chopped off the last
character of $_ or a given variable, and it was used to take off the
EOL character (\n) of strings.

... but then, you had to check for the presence of such character.

So came chomp, the better chop which checks for \n before chopping it
off.  And this worked well, as long as Perl made internally sure that
all EOLs were converted to \n.

These days, though, there seems to be a mixture of perls, so lines
from files in the "wrong" environment might have \r\n as EOL, or just
\r (Mac OS, unless I'm misinformed).

So it's time we went for the more generic variant and use s|\R$||, the
better chomp which recognises all kinds of known EOLs and chops them
off.

A few chops were left alone, as they are use as surgical tools to
remove one last slash or one last comma.

NOTE: \R came with perl 5.10.0.  It means that from now on, our
scripts will fail with any older version.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-11 22:11:48 +01:00
Rich Salz
22e3dcb780 Remove TLS heartbeat, disable DTLS heartbeat
To enable heartbeats for DTLS, configure with enable-heartbeats.
Heartbeats for TLS have been completely removed.

This addresses RT 3647

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-11 12:57:26 -05:00
Dr. Stephen Henson
43db7aa2de Fix engine key support in cms and req utilities.
PR#4246 and PR#4266

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-11 16:03:52 +00:00
Richard Levitte
d94c444bcd The protocol variable has lost its use, remove it
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-11 14:13:01 +01:00
Matt Caswell
210ac68246 Fix errstr error code parsing
Error codes are printed in hex, and previous OpenSSL versions expected
the error codes to be provided to errstr in hex. In 1.1.0, for some
reason, it was expecting them to be decimal.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-11 08:53:11 +00:00
Richard Levitte
968d1a2372 Use the protocol we know rather than BIO_ADDRINFO_protocol(res)
Because some platforms won't will in any value in ai_protocol, there's
no point using it if we already know what it should be.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 20:58:18 +01:00
Richard Levitte
07aa1e0459 Don't assert protocol equality
It seems that some platforms' getaddrinfo don't fill in the
ai_protocol field properly.  On those, the assertion
'protocol == BIO_ADDRINFO_protocol(res)' will fail.  Best to remove
it.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-10 20:35:02 +01:00
Dr. Stephen Henson
01a2ade05d typo
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 19:04:08 +00:00
Richard Levitte
e09621ff57 Make it possible to get ENGINESDIR info from OpenSSL_versions
Have apps/openssl display the result along with OPENSSLDIR

As part of this, add ENGINESDIR in util/mk1mf.pl

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 19:36:48 +01:00
Matt Caswell
302f75887e Attempt to log an error if init failed
If init failed we'd like to set an error code to indicate that. But if
init failed then when the error system tries to load its strings its going
to fail again. We could get into an infinite loop. Therefore we just set
a single error the first time around. After that no error is set.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 17:40:59 +00:00
Matt Caswell
0fc32b0718 The new init functions can now fail so shouldn't be void
The new init functions can fail if the library has already been stopped. We
should be able to indicate failure with a 0 return value.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 17:40:59 +00:00
Viktor Dukhovni
5e136d7abf Improve recent option help string additions
Make these more correct, concise and less tautological.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-02-10 12:34:39 -05:00
Viktor Dukhovni
d33def6624 Deprecate the -issuer_checks debugging option
This was a developer debugging feature and was never a useful public
interface.

Added all missing X509 error codes to the verify(1) manpage, but
many still need a description beyond the associated text string.

Sorted the errors in x509_txt.c by error number.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-02-10 12:34:06 -05:00
Rich Salz
f672aee494 Rename INIT funtions, deprecate old ones.
Man, there were a lot of renamings :)

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-10 09:37:03 -05:00
Richard Levitte
0f53f939a1 clean away old VMS cruft
The old building scripts get removed, they are hopelessly gone in bit
rot by now.

Also remove the old symbol hacks.  They were needed needed to shorten
some names to 31 characters, and to resolve other symbol clashes.
Because we now compile with /NAMES=(AS_IS,SHORTENED), this is no
longer required.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 14:36:32 +01:00
Richard Levitte
e84193e43d unified build scheme: add a "unified" template for VMS descrip.mms
As part of this, change util/mkdef.pl to stop adding libraries to
depend on in its output.  mkdef.pl should ONLY output a symbol
vector.

Because symbol names can't be longer than 31 characters, we use the
compiler to shorten those that are longer down to 23 characters plus
an 8 character CRC.  To make sure users of our header files will pick
up on that automatically, add the DEC C supported extra headers files
__decc_include_prologue.h and __decc_include_epilogue.h.

Furthermore, we add a config.com, so VMS people can configure just as
comfortably as any Unix folks, thusly:

    @config

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 14:36:32 +01:00
Richard Levitte
567a9e6fe0 unified build scheme: add a "unified" template for Unix Makefile
This also adds all the raw sections needed for some files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 14:36:04 +01:00
Richard Levitte
e8461ee1d1 Simplify the specification of include dirs in the build dir
In build.info files, make the include directory in the build directory
absolute, or Configure will think it should be added to the source
directory top.  Configure will turn it into a relative path if
possible.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 05:09:39 +01:00
Rich Salz
effaf4dee9 Use NON_EMPTY_TRANSLATION_UNIT, consistently.
This also closes RT 4123

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 20:13:29 -05:00
A J Mohan Rao
32eabe3472 GH646: Update help for s_server command.
* added missing help option messages
    * ecdh_single option is removed as it is a no-op and not an option
    supported in earlier versions
    * ssl_ctx_security_debug() was invoked before ctx check for NULL
    * trusted_first option can be removed, as it is always enabled in 1.1.
    But not removed the option, require confirmation.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-09 10:57:03 -05:00
Matt Caswell
35d8fa563c Updates for auto init/deinit review comments
Fixes for the auto-init/deinit code based on review comments

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 15:12:02 +00:00
Matt Caswell
b9f757074d Get the apps to use auto-init/de-init
Clean up the apps so that we make use of the new auto-init/de-init feature.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 15:11:38 +00:00
Matt Caswell
7b9f8f7f03 Auto init/deinit libcrypto
This builds on the previous commit to auto initialise/deinitialise
libcrypto.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 15:11:38 +00:00
Viktor Dukhovni
c0a445a9f2 Suppress DANE TLSA reflection when verification fails
As documented both SSL_get0_dane_authority() and SSL_get0_dane_tlsa()
are expected to return a negative match depth and nothing else when
verification fails.  However, this only happened when verification
failed during chain construction.  Errors in verification of the
constructed chain did not have the intended effect on these functions.

This commit updates the functions to check for verify_result ==
X509_V_OK, and no longer erases any accumulated match information
when chain construction fails.  Sophisticated developers can, with
care, use SSL_set_verify_result(ssl, X509_V_OK) to "peek" at TLSA
info even when verification fail.  They must of course first check
and save the real error, and restore the original error as quickly
as possible.  Hiding by default seems to be the safer interface.

Introduced X509_V_ERR_DANE_NO_MATCH code to signal failure to find
matching TLSA records.  Previously reported via X509_V_ERR_CERT_UNTRUSTED.

This also changes the "-brief" output from s_client to include
verification results and TLSA match information.

Mentioned session resumption in code example in SSL_CTX_dane_enable(3).
Also mentioned that depths returned are relative to the verified chain
which is now available via SSL_get0_verified_chain(3).

Added a few more test-cases to danetest, that exercise the new
code.

Resolved thread safety issue in use of static buffer in
X509_verify_cert_error_string().

Fixed long-stating issue in apps/s_cb.c which always sets verify_error
to either X509_V_OK or "chain to long", code elsewhere (e.g.
s_time.c), seems to expect the actual error.  [ The new chain
construction code is expected to correctly generate "chain
too long" errors, so at some point we need to drop the
work-arounds, once SSL_set_verify_depth() is also fixed to
propagate the depth to X509_STORE_CTX reliably. ]

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-08 14:46:09 -05:00
Dr. Stephen Henson
c9018bdf81 fix various formatting issues
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-08 18:43:49 +00:00
Dr. Stephen Henson
762ee38d55 Use new names
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-08 18:43:48 +00:00
Dr. Stephen Henson
776cfa9bfb Use accessors in pkcs12 app.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-08 18:43:48 +00:00
Dr. Stephen Henson
b577fd0b81 Deprecate undocumented SSL_cache_hit().
Deprecate undocumented SSL_cache_hit(). Make SSL_session_reused() into a
real function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-08 16:57:07 +00:00
Dr. Stephen Henson
dd9589740d Fix engine key support in utilities.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-08 15:11:08 +00:00
Rich Salz
a173a7ee3f more doc fixes
dgst: using digest instead of specific digest commands
the digest list specified in man dgst may be inaccurate, hence using
digest and referring to the list in digest-commands

'sha' as a digest name is no longer supported

dgst,pkeyutl cmds help cleanup
- In dgst, pkeyutl cmds, some options help was missing.
- fixed a minor typo in openssl.pod, that fixes make install.
- digest-commands was showing ‘sha’, which is not a supported digest
anymore.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-02-07 23:14:12 -05:00
A J Mohan Rao
6755ff1128 commands help cleanup
opt_valtype 0 is same as '-' while printing cmd usage
asn1parse/ca/ciphers help cleanup

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-06 14:06:52 -05:00
Richard Levitte
c86ddbe613 Enhance and clear the support of linker flags
Some time ago, we had a ex_libs configuration setting that could be
divided into lflags and ex_libs.  These got divided in two settings,
lflags and ex_libs, and the former was interpreted to be general
linking flags.

Unfortunately, that conclusion wasn't entirely accurate.  Most of
those linking were meant to end up in a very precise position on the
linking command line, just before the spec of libraries the linking
depends on.

Back to the drawing board, we're diving things further, now having
lflags, which are linking flags that aren't depending on command line
position, plib_lflags, which are linking flags that should show up just
before the spec of libraries to depend on, and finally ex_libs, which
is the spec of extra libraries to depend on.

Also, documentation is changed in Configurations/README.  This was
previously forgotten.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-06 17:57:19 +01:00
Insu Yun
69ac182d15 GH634: fix potential memory leak
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-06 09:25:54 -05:00
Rich Salz
0d1e003f84 RT4194: Restore old engine parameter parsing.
Allow initial engine names as first parameters before flags.
Also add engine param to help summary

Wrote manpage

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-02-06 09:19:04 -05:00